Post navigation

A crowdfunding campaign was launched over a month ago by Bootlin in order to fund the development of an upstream Linux kernel driver for the Allwinner CedarX VPU. The VPU (Video Processing Unit) is in charge of offloading video decoding and encoding to a dedicated hardware block, relieving the main CPU. While Replicant does not support Allwinner devices at this point, the project has acquired a number of Allwinner tablets a few years ago, that helped with the advancements of Allwinner platforms support in upstream projects such as the U-Boot bootloader and the Linux kernel.

Recently, Replicant was a candidate for the Google Summer of Code program and we came up with a list of tasks for the occasion. Although our application was not accepted, we are still interested in completing the tasks that we picked up. We put a deliberate focus on supporting mobile devices in mainline U-Boot and Linux, with a particular emphasis on Allwinner devices, the Optimus Black and the Kindle Fire (first generation). We believe that supporting mobile devices and using standard driver interfaces in the upstream Linux kernel is the only sustainable way for freedom on mobile devices. Instead of writing device-specific code specifically for Android for each of the supported devices, this would allow using generic Hardware Abstraction layers (HALs), reducing the amount of work for hardware support on the Replicant side in the long run. This also allows running other operating systems that integrate the upstream Linux kernel interfaces, such as standard GNU/Linux distributions.

In spite of this, I have been dedicating more and more time to contributing to upstream projects such as coreboot, U-Boot and Linux for supporting devices of various form factors, including mobile devices, laptops and single-board computers. Thus, I became less and less active on the technical side for Replicant, where Wolfgang and others have picked-up the work. There is still a lot of room for contributions and everyone is warmly encouraged to join-in and help with the upstreaming effort for devices, especially regarding the Optimus Black, Kindle Fire (first generation) and Allwinner devices.

As a student approaching graduation, I have joined Bootlin (formerly Free Electrons) in Toulouse, France for an internship focused on supporting the Allwinner VPU in upstream Linux and userspace. It definitely fits perfectly with the logic behind focusing Replicant towards upstream Linux support. In order to accelerate the development of the driver, Bootlin has decided to start a crowdfunding campaign in order to fund Maxime Ripard, who has been working for the company and maintaining Allwinner platforms in the Linux kernel for a while.

As the main goal of the campaign was reached within its first week, Maxime will be able to work with me on the VPU. His in-depth understanding of the sun4i DRM video driver’s innards will also reveal very useful for accelerating the processing of the frames coming from the VPU (without unneeded copies of buffers) and implementing scaling in hardware. In order to support the VPU hardware efficiently, a number of changes have to be introduced to the Linux kernel. It currently lacks an interface to provide coherency between setting specific controls for the media stream and the input/output buffers that these controls are related to and should apply to. This API has been implemented by Alexandre Courbot (who’s working at Google on the Chromium OS project) as the V4L2 request API, that fits the requirements for the Allwinner VPU driver. Other VPU drivers, such as the tegra-vde driver that supports the Tegra 20 video decoder engine, also require this API in order to implement a proper V4L2 mem2mem driver.

The crowdfunding campaign still has 10 days to go and two stretch goals to meet (while the first stretch goal, about supporting newer Allwinner SoCs was already met):

H265 video decoding support

H264 encoding support

As I am not directly impacted by the funding received through the crowdfunding campaign, we believe that there is no direct conflict of interest writing this blog post on the Replicant blog.

While Replicant is mainly backed by Wolfgang in terms of technical contributions nowadays, Denis and Paul are still active in the project, in other ways.

Over the past few months, we have been working with ARCEP, the independent French governmental agency in charge of regulating telecommunications. The agency is working on evaluating the influence of terminal devices in achieving an open Internet, with a particular focus on mobile device. A first report on this topic was issued at the end of may 2017, based on consultations with various members of the industry as well as non-profits such as FFDN, the federation of non-profit ISPs. This first document presents ARCEP’s approach to the application of EU regulation 2015/2120, that gives users specific rights regarding their choice of terminal devices. It provides an analysis of the various actors involved with terminal devices, making clear distinctions between the hardware, operating system, applications and services.

The EU regulation is however less specific and the articles related to terminals can be interpreted with different scopes:

When accessing the internet, end-users should be free to choose between various types of terminal equipment […].

End-users shall have the right to access and distribute information and content, use and provide applications and services, and use terminal equipment of their choice […].

A narrow understanding would associate the choice of the terminal witch choices made available from the industry, while a broader understanding, that ARCEP is pursuing, also takes in account all the actors involved at every level, including actors from the free software community such as Replicant. This lead the authority to get in touch with us, after members of FFDN kindly put-in a word of recommendation for Replicant.

We attended an initial meeting in Paris in September, where we explained our action at Replicant, the problems we are facing and key elements to shape their understanding. We mentioned that not only the operating system should be considered separately in terms of choice, but also other software components such as the boot software, the privileged execution environment and the modem system, that are also crucial parts of a terminal device that can (and often do) restrict the user.

In November, we attended a workshop with members of the industry, that included Microsoft and Qualcomm among others. We took the occasion to directly question them regarding deliberate choices that are detrimental to users in terms of freedom. It seemed agreed and understood that the ability to load an alternative operating system is a necessity for users and that mistakes were made in the past in that area. However, many of the perspectives presented by the industry were not satisfactory in terms of freedom and privacy/security for end users, especially when it comes to IoT and ISP-provided routers that keep embedding more functionalities. We did not always get answers to our questions, as the representatives that were sitting at the table did not share our technical background and thus sometimes did not fully grasp the reality of the situations at hand.

ARCEP is now organizing a public consultation on the influence of terminal devices on an open Internet, that is presented in a dedicated document. Anyone is welcome to submit a contribution, to share their understanding of what the free choice of terminal devices should entail, either in French or in English. This is an opportunity to send a strong message in favor of free software at all the levels involved in mobile devices: boot software, privileged execution environment (often called TrustZone), operating system, applications and modem system. ARCEP is now organizing a public consultation on the influence of terminal devices on an open Internet, that is presented in a dedicated document. Anyone is welcome to submit a contribution, to share their understanding of what the free choice of terminal devices should entail, either in French or in English. This is an opportunity to send a strong message in favor of free software at all the levels involved in mobile devices: boot software, privileged execution environment (often called TrustZone), operating system, applications and modem system. Replicant will also submit a contribution in this direction, that will be published on the Replicant blog soon.

The consultation is open until the 10th of January 2018 and submissions can be sent to: terminaux@arcep.fr.

Some of these presentations are great ways to get an overview of the freedom and privacy/security issues associated with mobile devices, either in English or French. They also offer an introduction to Replicant within that context. Other presentations cover specific technical aspects related to liberating devices at the lower levels.

The talk will be a great opportunity to learn about freedom and privacy/security in mobile devices. The Replicant workshop will showcase devices running Replicant and will be the occasion to get help installing Replicant, verify the project’s release key or just come by and have a chat!

Replicant will take part in Coliberator, the free software conference organized by Fundația Ceata in Bucharest, Romania on June 4-5 2016. Fundația Ceata is the Romanian foundation for Free Software and Free Culture, that proposed to host both a keynote and a workshop about Replicant at Coliberator this year. The keynote will be a great opportunity to learn about freedom and privacy/security in mobile devices. The Replicant workshop will showcase devices running Replicant and will be the occasion to get help installing Replicant, verify the project’s release key or just come by and have a chat! The Tehnoetic team will also take part in the workshop, with Replicant devices available for sale and more!

Scheduling details are still being worked out by the organization team and will be available soon. Either way, note that a GNU Libreboot keynote and workshop will be held as well during Coliberator. This year’s edition of the conference will thus highlight freedom at the lower levels in various ways! Note that Coliberator is organized by the Ceata team from small individual donations, so any contribution to fund the conference is welcome!

Just like previous years, Replicant will be at FOSDEM, during the last weekend of January in Brussels, Belgium.

A lightning talk about the road to liberating software at the lower levels will be given at 18:40 on Saturday, in room H.2215 (Ferrer). This talk will be broader than the scope of Replicant. It will detail how liberating the software running at the lower levels can prove to be quite challenging. Those considerations will be made not only regarding the main processor, but also regarding controllers, peripherals and auxiliary processors.

As usual, there will also be plenty of other interesting things to see and nice people to meet!

This year, devices from Tehnoetic with Replicant preinstalled will be available for sale on the FSFE booth, as well as other Replicant goodies, such as 3D-printed keychains! Remember that part of the sales will go to Replicant.

We will also organize an informal Replicant developer meeting at some point during the event, so people interested in contributing to the project are welcome to join in!

In addition, note that Richard M. Stallman, launcher of the GNU project and founder of the Free Software Foundation, will be giving a talk about Free/Libre/Vrije Software: The Goal and the Path on Friday evening (the day before FOSDEM), at Brussels Campus Etterbeek, VUB.

A few months ago, we were contacted to discuss the endorsement of an online shop selling mobile devices pre-installed with Replicant: Qibre Computer Hardware. While we’re very happy to see such initiatives being developed, we asked for some conditions to be met before endorsing the shop, especially conditions that have to do with informing final users:

Users should not be mislead into believing that the devices are fine for freedom and privacy/security. There are plenty of issues remaining, that are explained in general on the Freedom and privacy/security issues page of the website and in greater details on each device’s wiki page (when documented). Those are out of the scope of free software support in Replicant, but it is crucial to mention them when selling a full device. Linking to these resources is a fine way to ensure that customers have access to that information.

The devices should ship with the official version of Replicant, not a version that was built from source and signed with different keys. However, it is fine to pre-install free applications originating from F-Droid on top of the system, as long as users are made aware of it.

Tehnoetic donates a part of the phone sales profits to Replicant and F-Droid projects. In December, Tehnoetic donated Replicant $101 USD.

Thus, buying devices actually helps Replicant move forward! Buying from these shops rather than third-party resellers also helps them secure money to get stocks of Replicant-supported devices in large quantities, so that it remains possible to buy them for a long time!

Even though development on Replicant is still moving forward at a pretty slow pace, we believe it is crucial to spread the word about the project in order to encourage more people to get involved but also to teach people about the underlying problems for freedom and privacy/security on mobile devices.

During the next two months, Replicant will take part in various free software conferences and events in France. A talk about Replicant, freedom and privacy/security will be given at each event, sometimes with a workshop or some form of public discussion, such as participation in a round table.

Those talks will be opened by Benjamin Bayart, iconic figure in the French free software community and long time activist for electronic liberties and net neutrality.

We hope to see as many of you as possible, to help spread the word about Replicant, freedom and privacy/security on mobile devices! As usual, each event will be an occasion to verify the Replicant release key and get some help installing the system on your device! Donations are also welcome, as they make it possible for me to attend such events at all.

See you soon!

November update: Due to the recent attacks in Paris, Capitole du Libre was canceled and Bazar du Libre is taking place in Toulouse on November 21-22. The talk about Replicant was rescheduled in Mix’art Myrys, room 2 at 3:00 pm.

Even though things are moving slowly at Replicant, we figured it was time to release another batch of Replicant 4.2 images. This release doesn’t add support for any new device, but has a focus on security instead, thanks to an active member of the community: Moritz (also known as My Self on the forums). For months, Moritz has been evaluating whether Replicant is affected by various vulnerabilities, retrofitting patches to close those vulnerabilities and submitting these for inclusion in Replicant. Thanks to his great work, this release includes fixes for security issues such as the Stagefright vulnerability or the Installer Hijacking vulnerability.

Since the previous release, all the Replicant-specific source code was moved over to git.replicant.us, that is gracefully hosted by the FSF. We are planning on moving all the Replicant source code over to that new server, so that we don’t have to rely on third parties such as CyanogenMod and AOSP to provide the full source code for Replicant. In the meantime, we have started tagging the commits used for each release and signing those tags with the Replicant release key, so that it’s possible to reliably retrieve the source code for a given Replicant release. Those tags are also combined in the release metadata’s git-tags.